Compare commits
14 Commits
dev
...
97fe97add1
| Author | SHA1 | Date | |
|---|---|---|---|
| 97fe97add1 | |||
| f86fc48841 | |||
| 670edf6744 | |||
| ceb530f5b8 | |||
| 3c92571fcb | |||
| 16ee74ea92 | |||
| b99f13a53c | |||
| b24aecf252 | |||
| 4cd586dee5 | |||
| 3b3ea92c8d | |||
| 2ee5a9f012 | |||
| 89d1bb1a4f | |||
| a8d06f5342 | |||
| 75d70f0db5 |
@@ -53,7 +53,7 @@ jobs:
|
|||||||
tags: ${{ steps.meta.outputs.tags }}
|
tags: ${{ steps.meta.outputs.tags }}
|
||||||
labels: ${{ steps.meta.outputs.labels }}
|
labels: ${{ steps.meta.outputs.labels }}
|
||||||
build-args: |
|
build-args: |
|
||||||
DATABASE_URL=${{ secrets.DATABASE_URL }}
|
DATABASE_URL="posgres://no:account@nowhere/db"
|
||||||
cache-from: type=gha
|
cache-from: type=gha
|
||||||
cache-to: type=gha,mode=max
|
cache-to: type=gha,mode=max
|
||||||
|
|
||||||
|
|||||||
@@ -1,9 +1,9 @@
|
|||||||
apiVersion: secrets.hashicorp.com/v1beta1
|
apiVersion: secrets.hashicorp.com/v1beta1
|
||||||
kind: HCPStaticSecret
|
kind: VaultStaticSecret
|
||||||
metadata:
|
metadata:
|
||||||
name: taskarr-ap
|
name: taskarr-app
|
||||||
spec:
|
spec:
|
||||||
method: GET
|
type: kv-v2
|
||||||
mount: secret
|
mount: secret
|
||||||
path: taskarr/app
|
path: taskarr/app
|
||||||
destination:
|
destination:
|
||||||
|
|||||||
@@ -1,9 +1,9 @@
|
|||||||
apiVersion: secrets.hashicorp.com/v1beta1
|
apiVersion: secrets.hashicorp.com/v1beta1
|
||||||
kind: HCPStaticSecret
|
kind: VaultStaticSecret
|
||||||
metadata:
|
metadata:
|
||||||
name: taskarr-db
|
name: taskarr-db
|
||||||
spec:
|
spec:
|
||||||
method: GET
|
type: kv-v2
|
||||||
mount: secret
|
mount: secret
|
||||||
path: taskarr/db
|
path: taskarr/db
|
||||||
destination:
|
destination:
|
||||||
|
|||||||
18
deploy/base/db-taskarr-user.yaml
Normal file
18
deploy/base/db-taskarr-user.yaml
Normal file
@@ -0,0 +1,18 @@
|
|||||||
|
apiVersion: secrets.hashicorp.com/v1beta1
|
||||||
|
kind: VaultDynamicSecret
|
||||||
|
metadata:
|
||||||
|
name: taskarr-db-app-user
|
||||||
|
spec:
|
||||||
|
mount: database
|
||||||
|
path: creds/taskarr-app
|
||||||
|
destination:
|
||||||
|
name: taskarr-db-url
|
||||||
|
create: true
|
||||||
|
# This is where the magic happens
|
||||||
|
transformation:
|
||||||
|
excludes:
|
||||||
|
- .*
|
||||||
|
templates:
|
||||||
|
DATABASE_URL:
|
||||||
|
text: |
|
||||||
|
{{- printf "postgresql://%s:%s@postgres-service.taskarr.svc.cluster.local:5432/taskarr_db?sslmode=disable" (get .Secrets "username") (get .Secrets "password") -}}
|
||||||
@@ -48,7 +48,7 @@ spec:
|
|||||||
- name: DATABASE_URL
|
- name: DATABASE_URL
|
||||||
valueFrom:
|
valueFrom:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: taskarr-app
|
name: taskarr-db-url
|
||||||
key: DATABASE_URL
|
key: DATABASE_URL
|
||||||
- name: ORIGIN
|
- name: ORIGIN
|
||||||
valueFrom:
|
valueFrom:
|
||||||
|
|||||||
@@ -13,3 +13,4 @@ resources:
|
|||||||
- ./postgres.yaml
|
- ./postgres.yaml
|
||||||
- ./database-secret.yaml
|
- ./database-secret.yaml
|
||||||
- ./app-secret.yaml
|
- ./app-secret.yaml
|
||||||
|
- ./db-taskarr-user.yaml
|
||||||
|
|||||||
38
package.json
38
package.json
@@ -1,24 +1,6 @@
|
|||||||
{
|
{
|
||||||
"name": "taskarr-mgr",
|
"name": "taskarr-mgr",
|
||||||
"private": true,
|
|
||||||
"version": "0.0.1",
|
"version": "0.0.1",
|
||||||
"type": "module",
|
|
||||||
"scripts": {
|
|
||||||
"dev": "vite dev",
|
|
||||||
"build": "vite build",
|
|
||||||
"preview": "vite preview",
|
|
||||||
"prepare": "svelte-kit sync || echo ''",
|
|
||||||
"check": "svelte-kit sync && svelte-check --tsconfig ./tsconfig.json",
|
|
||||||
"check:watch": "svelte-kit sync && svelte-check --tsconfig ./tsconfig.json --watch",
|
|
||||||
"lint": "prettier --check . && eslint .",
|
|
||||||
"format": "prettier --write .",
|
|
||||||
"db:start": "podman compose up",
|
|
||||||
"db:push": "drizzle-kit push",
|
|
||||||
"db:generate": "drizzle-kit generate",
|
|
||||||
"db:migrate": "drizzle-kit migrate",
|
|
||||||
"db:studio": "drizzle-kit studio",
|
|
||||||
"auth:schema": "better-auth generate --config src/lib/server/auth.ts --output src/lib/server/db/auth.schema.ts --yes"
|
|
||||||
},
|
|
||||||
"devDependencies": {
|
"devDependencies": {
|
||||||
"@better-auth/cli": "~1.4.21",
|
"@better-auth/cli": "~1.4.21",
|
||||||
"@eslint/compat": "^2.0.4",
|
"@eslint/compat": "^2.0.4",
|
||||||
@@ -48,5 +30,23 @@
|
|||||||
"typescript": "^6.0.2",
|
"typescript": "^6.0.2",
|
||||||
"typescript-eslint": "^8.58.1",
|
"typescript-eslint": "^8.58.1",
|
||||||
"vite": "^8.0.7"
|
"vite": "^8.0.7"
|
||||||
}
|
},
|
||||||
|
"private": true,
|
||||||
|
"scripts": {
|
||||||
|
"dev": "vite dev",
|
||||||
|
"build": "vite build",
|
||||||
|
"preview": "vite preview",
|
||||||
|
"prepare": "svelte-kit sync || echo ''",
|
||||||
|
"check": "svelte-kit sync && svelte-check --tsconfig ./tsconfig.json",
|
||||||
|
"check:watch": "svelte-kit sync && svelte-check --tsconfig ./tsconfig.json --watch",
|
||||||
|
"lint": "prettier --check . && eslint .",
|
||||||
|
"format": "prettier --write .",
|
||||||
|
"db:start": "podman compose up",
|
||||||
|
"db:push": "drizzle-kit push",
|
||||||
|
"db:generate": "drizzle-kit generate",
|
||||||
|
"db:migrate": "drizzle-kit migrate",
|
||||||
|
"db:studio": "drizzle-kit studio",
|
||||||
|
"auth:schema": "better-auth generate --config src/lib/server/auth.ts --output src/lib/server/db/auth.schema.ts --yes"
|
||||||
|
},
|
||||||
|
"type": "module"
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -1 +1,93 @@
|
|||||||
// If you see this file, you have not run the auth:schema script yet, but you should!
|
import { relations } from "drizzle-orm";
|
||||||
|
import { pgTable, text, timestamp, boolean, index } from "drizzle-orm/pg-core";
|
||||||
|
|
||||||
|
export const user = pgTable("user", {
|
||||||
|
id: text("id").primaryKey(),
|
||||||
|
name: text("name").notNull(),
|
||||||
|
email: text("email").notNull().unique(),
|
||||||
|
emailVerified: boolean("email_verified").default(false).notNull(),
|
||||||
|
image: text("image"),
|
||||||
|
createdAt: timestamp("created_at").defaultNow().notNull(),
|
||||||
|
updatedAt: timestamp("updated_at")
|
||||||
|
.defaultNow()
|
||||||
|
.$onUpdate(() => /* @__PURE__ */ new Date())
|
||||||
|
.notNull(),
|
||||||
|
});
|
||||||
|
|
||||||
|
export const session = pgTable(
|
||||||
|
"session",
|
||||||
|
{
|
||||||
|
id: text("id").primaryKey(),
|
||||||
|
expiresAt: timestamp("expires_at").notNull(),
|
||||||
|
token: text("token").notNull().unique(),
|
||||||
|
createdAt: timestamp("created_at").defaultNow().notNull(),
|
||||||
|
updatedAt: timestamp("updated_at")
|
||||||
|
.$onUpdate(() => /* @__PURE__ */ new Date())
|
||||||
|
.notNull(),
|
||||||
|
ipAddress: text("ip_address"),
|
||||||
|
userAgent: text("user_agent"),
|
||||||
|
userId: text("user_id")
|
||||||
|
.notNull()
|
||||||
|
.references(() => user.id, { onDelete: "cascade" }),
|
||||||
|
},
|
||||||
|
(table) => [index("session_userId_idx").on(table.userId)],
|
||||||
|
);
|
||||||
|
|
||||||
|
export const account = pgTable(
|
||||||
|
"account",
|
||||||
|
{
|
||||||
|
id: text("id").primaryKey(),
|
||||||
|
accountId: text("account_id").notNull(),
|
||||||
|
providerId: text("provider_id").notNull(),
|
||||||
|
userId: text("user_id")
|
||||||
|
.notNull()
|
||||||
|
.references(() => user.id, { onDelete: "cascade" }),
|
||||||
|
accessToken: text("access_token"),
|
||||||
|
refreshToken: text("refresh_token"),
|
||||||
|
idToken: text("id_token"),
|
||||||
|
accessTokenExpiresAt: timestamp("access_token_expires_at"),
|
||||||
|
refreshTokenExpiresAt: timestamp("refresh_token_expires_at"),
|
||||||
|
scope: text("scope"),
|
||||||
|
password: text("password"),
|
||||||
|
createdAt: timestamp("created_at").defaultNow().notNull(),
|
||||||
|
updatedAt: timestamp("updated_at")
|
||||||
|
.$onUpdate(() => /* @__PURE__ */ new Date())
|
||||||
|
.notNull(),
|
||||||
|
},
|
||||||
|
(table) => [index("account_userId_idx").on(table.userId)],
|
||||||
|
);
|
||||||
|
|
||||||
|
export const verification = pgTable(
|
||||||
|
"verification",
|
||||||
|
{
|
||||||
|
id: text("id").primaryKey(),
|
||||||
|
identifier: text("identifier").notNull(),
|
||||||
|
value: text("value").notNull(),
|
||||||
|
expiresAt: timestamp("expires_at").notNull(),
|
||||||
|
createdAt: timestamp("created_at").defaultNow().notNull(),
|
||||||
|
updatedAt: timestamp("updated_at")
|
||||||
|
.defaultNow()
|
||||||
|
.$onUpdate(() => /* @__PURE__ */ new Date())
|
||||||
|
.notNull(),
|
||||||
|
},
|
||||||
|
(table) => [index("verification_identifier_idx").on(table.identifier)],
|
||||||
|
);
|
||||||
|
|
||||||
|
export const userRelations = relations(user, ({ many }) => ({
|
||||||
|
sessions: many(session),
|
||||||
|
accounts: many(account),
|
||||||
|
}));
|
||||||
|
|
||||||
|
export const sessionRelations = relations(session, ({ one }) => ({
|
||||||
|
user: one(user, {
|
||||||
|
fields: [session.userId],
|
||||||
|
references: [user.id],
|
||||||
|
}),
|
||||||
|
}));
|
||||||
|
|
||||||
|
export const accountRelations = relations(account, ({ one }) => ({
|
||||||
|
user: one(user, {
|
||||||
|
fields: [account.userId],
|
||||||
|
references: [user.id],
|
||||||
|
}),
|
||||||
|
}));
|
||||||
|
|||||||
Reference in New Issue
Block a user